[Year]
Explain the legal and ethical issues
in relation to the use of business
information

Aliyah Ismail
Business Communications

Aliyah Ismail
Business communication

In this assignment I will be explaining the different legal and ethical issues in relation to my
selected business. The business that I have selected to explain further is H&M, I will also
explain how H&M administers the legal and ethical issues.
The Data Protection Act
The Data Protection Act 1998 protects information held about people from being misused,
the information which is stored by businesses on databases must be gained lawfully and
fairly, it should only be used for the purpose in which it has been stated for. “An Act to make
new provision for the regulation of the processing of information relating to individuals,
including the obtaining, holding, use or disclosure of such information.” It also has to be
accurate and up to date, and must not be kept longer than the organisation.
The Swedish parent company, H & M Hennes & Mauritz AB (hereinafter referred to as
“H&M”), is responsible for your personal data under the Swedish Data Protection Act.
H&M’s privacy policy states how they use customer’s personal details and how their
information is distributed and collected. On their website H&M have stated that they only
use their customer’s information to create personal accounts for their website, so they
require a name and email address. Another way in which H&M have used their customer’s
information is by processing their orders, by using customers personal information like their
address, and email address or phone number to contact them.
Sony's April 2011 hack of its PlayStation platform saw the personal data of millions of
customers put at risk. Personal information including names, addresses, email, account
passwords, payment card details and dates of birth were also comprised. The ICO saw that
Sony could have prevented this from happening. Sony was fined £250,000 after breaching
the data protection act.
Freedom information Act 2000
“An Act to make provision for the disclosure of information held by public authorities or by
persons providing services for them and to amend the Data Protection Act 1998 and the
Public Records Act 1958; and for connected purposes.” Freedom of Information Act 2000
came into power in 2005, this provides individuals and other organisations with the right to
request information held by a public authority. The public authority must tell the applicant
whether it holds the information, which it must supply within 20 working days.

H&M have given its customers the right to request information and data which is being held
about them. If your data is incorrect, incomplete or irrelevant, you can ask to have the

Aliyah Ismail
Business communication

information corrected or removed. H&M have stated that customers have the right to
request written documentation on the personal information they hold about you in our
account files. To request this document, you must write to H&M Customer Service, and you
can then withdraw your consent to us using this data for marketing purposes.
A local council has been told it breached the Freedom of Information Act by failing to
provide an AM details about the cost of employing education consultants. The authority
spent £46,000 on two consultants but did not say how many days they worked or what each
was paid. The council said it gave a breakdown of work and total costs, but had "grave
concerns" about releasing more details. The council has been given 35 days to provide the
information or face High Court action.
Computer Misuse Act
“An Act to make provision for securing computer material against unauthorised access or
modification; and for connected purposes.” The computer misuse act 1990 is a law in the UK
that legislates against certain activities using computers, and example of this would be
hacking into another person’s computer or even misusing their data. This act is
unauthorised access to computer material, unauthorised access to computer systems with
intent to commit another offence, and lastly unauthorised modification of computer
material.
Act when they hacked into Sony Music's servers and stole unreleased music recorded by
Michael Jackson. Marks, 27, hacked into Sony's servers from his home computer in
Daventry, whilst McCormick, 26, hacked into the company's systems from his home in
Blackpool. The men pled guilty to "two counts of unauthorised access to computer
material", according to the Crown Prosecution Service.
Ethical issues
Ethical issues are different codes of practice that exist in organisations to maintain business
ethics. There are five main business ethics
•
•
•
•
•

Many organisations use email to communicate with staff and customers, H&M use email to
guarantee confirmation on orders from their site. H&M also use emails to give information
to a large amount of people. On their website H&M have stated that they use email to
confirm orders and create personal accounts.
Many organisations have codes of practise on the use of internet, and what their employees
can and cannot use the internet for. H&M have used internet to communicate more with
their employees and staff, through email and their website. They advertise their new

Aliyah Ismail
Business communication

seasonal clothing lines, and promotional offers on their website. This attracts more
customers to their organisation, it also helps their staff and employees become more aware
of the company.

A whistle blower is an employee who raises a concern about a business practice, this is
either to the management within the organisation. This is when an existing employee of an
organisation leaks information. Bradley Manning, the Army private sentenced to military
prison for leaking classified documents, revealed he intends to live out the remainder of his
life as a woman.
Organisational policies
Organisational policies are policies to ensure that a business practises with regard to
information which can be done more ethically. This can be to do with how they manage
their information ensuring marketing and other businesses.
Information ownership is the idea of information in your day to day work, this means that
the organisation must be responsible for it.
H&M take full responsibility for all the personal data that they receive during recruitment or
in competitions. These details are processed within the country’s organisation where you
submit your application, while the data is stored in the Netherlands. H&M’s general rule is
that all their suppliers and other business partners must, in all their activities, follow the
national laws in the countries in which they operate.
Code of conduct is a set of principles and expectations that are considered binding on any
person in a group or organisation. This Code of Conduct specifies what H&M require from
their suppliers, their subcontractors and other business partners in order to fulfil their
commitment to their Board of Directors, to H&M’s employees, customers, shareholders and
stakeholders.
Here is H&M’s privacy policy
Sources//bibliography
http://www.out‐law.com/en/articles/2013/january/sony‐music‐hackers‐given‐suspended‐
prison‐sentence/